Listing of the Claims 



1 . (Currently Amended) A method comprising: 

generating session information at a control node in response to a request from a 
client to access a system node discrete from the control node and sending the session 
information to the client, the system node, and a data node discrete from the control node 
and the system node if the client and system node satisfy at least one condition for 
accessing each other; 

receiving at the data node a request from the client to access the system node and a 
request from the system node to access the client; and 

establishing a first secure authenticated connection between the client and the 
system node via the data node based at least in part on the session information. 

2. (Previously presented) The method of claim 1, further comprising receiving at 
the control node a request from the client for the session information. 

3. (Previously presented) The method of claim 1, further comprising, prior to 
receiving the request from the client to access the system node, registering the system 
node with a control node. 

4. (Previously presented) The method of claim 1 further comprising, prior to 
receiving the request from the client to access the system node, providing a list of 
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registered system nodes to the client, wherein the system node is selected at the client 
from the list of registered system nodes. 

5. (Original) The method of claim 1, further comprising notifying the system node 
when a message is received from the client at the data node. 

6. (Previously presented) The method of claim 5, further comprising establishing 
a second secure authenticated connection between the system node and the data node. 

7. (Previously presented) The method of claim 6, further comprising sending the 
message from the data node to the system node over the second secure authenticated 
connection between the system node and the data node. 

8. (Currently Amended) A computer program product encoding computer 
programs for executing on a control node and a data node discrete from the control node 
a computer process, the computer process comprising: 

generating session information at the control node in response to receiving a 
request from a client to access a system node discrete from the control node and the data 
node and sending the session information to the client, the system node, and the data 
node if the client and system node satisfy at least one condition for accessing each other; 

receiving at the data node a request from the client to access the system node and a 
request from the system node to access the client; and 
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establishing a first secure authenticated connection between the client and the 
system node via the data node based at least in part on the session information. 

9. (Original) The computer program product of claim 8 wherein the computer 
process at the control node further comprises registering the system node. 

10. (Previously presented) The computer program product of claim 8 wherein the 
computer process at the control node further comprises updating a client database at the 
control node with a dynamic network address for the system node on a recurring basis. 

1 1 . (Previously presented) The computer program product of claim 8 wherein the 
computer process at the data node further comprises: 

notifying the system node when a message is received from the client at the data 

node; 

establishing a second secure authenticated connection between the system node 
and the data node; and 

sending the message from the data node to the system node over the second secure 
authenticated connection between the system node and the data node. 

12. (Currently Amended) A system for establishing a secure authenticated 
network connection between a client and a system node, comprising: 
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a control node discrete from but linked to the client and the system node, the 
control node providing the client and the system node with session information if the 
client and system node satisfy at least one condition for accessing each other; and 

a data node discrete from but communicatively coupled to the control node, the 
data node receiving a request from the client to access the system node and a request 
from the system node to access the client and establishing a first secure authenticated 
connection between the client and the system node via the data node based at least in part 
on the session information. 

13. (Original) The system of claim 12 wherein the session information includes at 
least a network address for the system node. 

14. (Original) The system of claim 12 wherein the session information includes at 
least a dynamic network address for the system node. 

15. (Original) The system of claim 12 wherein the session information includes a 
status of the system node. 

16. (Previously presented) The system of claim 12 wherein a second secure 
authenticated connection between the data node and the system node is established in 
response to the data node receiving a message from the client. 
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17. (Original) The system of claim 12 further comprising a client database 
operatively associated with the control node, the client database including a data structure 
identifying system nodes registered with the control node. 

18. (Original) The system of claim 17 wherein the data structure identifies 
authorized users of the system nodes registered with the control node. 

19. (Original) The system of claim 12 further comprising a session database 
operatively associated with the data node, the session database storing the session 
information received from the control node. 

20. (Previously presented) The system of claim 19 wherein the session 
information for a client session is removed from the session database when the client 
session ends. 
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